β422Aug 13, 2022Updated 3 years ago
Alternatives and similar repositories for Hacking-APIs
Users that are interested in Hacking-APIs are comparing it to the libraries listed below
Sorting:
- π Websheep is an app based on a willingly vulnerable ReSTful APIs.β57Mar 25, 2024Updated last year
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!β132Dec 22, 2022Updated 3 years ago
- Contextual Content Discovery Toolβ3,096Apr 29, 2024Updated last year
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secretsβ1,524Jan 15, 2026Updated last month
- A repository that includes all the important wordlists used while bug hunting.β1,378Mar 11, 2023Updated 2 years ago
- β84May 1, 2023Updated 2 years ago
- Saves pages to Wayback machineβ12Dec 2, 2024Updated last year
- A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communitβ¦β3,644Nov 23, 2025Updated 3 months ago
- A wordlist of API names for web application assessmentsβ866Jun 17, 2025Updated 8 months ago
- γπγA tool used to hunt down API key leaks in JS files and pagesβ836Sep 4, 2025Updated 5 months ago
- completely ridiculous API (crAPI)β1,435Updated this week
- π« Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fastβ¦β1,503Feb 5, 2026Updated 3 weeks ago
- Detailed information about API key / OAuth token (Description, Request, Response, Regex, Example)β288Sep 26, 2023Updated 2 years ago
- β249May 25, 2021Updated 4 years ago
- HTTP parameter discovery suite.β6,091Feb 20, 2025Updated last year
- bypass-url-parserβ1,113Feb 21, 2026Updated last week
- Find way more from the Wayback Machine, Common Crawl, Alien Vault OTX, URLScan, VirusTotal, GhostArchive & Intelligence X!β2,543Feb 7, 2026Updated 2 weeks ago
- Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.β6,075Aug 14, 2024Updated last year
- β755Jun 26, 2024Updated last year
- Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.β2,027Jul 12, 2025Updated 7 months ago
- Hidden parameters discovery suiteβ2,027Sep 8, 2024Updated last year
- All about bug bounty (bypasses, payloads, and etc)β6,644Sep 8, 2023Updated 2 years ago
- Jeeves SQLI Finderβ215May 13, 2022Updated 3 years ago
- This challenge is Inon Shkedy's 31 days API Security Tips.β2,231Apr 20, 2022Updated 3 years ago
- Automated tool for domains & subdomains gatheringβ191Jan 30, 2026Updated 3 weeks ago
- Collect XSS vulnerable parameters from entire domain.β155Jul 29, 2022Updated 3 years ago
- Rockyou for web fuzzingβ3,023Feb 11, 2026Updated 2 weeks ago
- i will upload more templates here to share with the comunity.β567Apr 17, 2024Updated last year
- Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practisβ¦β1,676May 24, 2025Updated 9 months ago
- For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. π‘οΈβοΈπ§β1,820Jun 9, 2024Updated last year
- A toolkit for testing, tweaking and cracking JSON Web Tokensβ6,389May 1, 2025Updated 9 months ago
- GraphQL threat framework used by security professionals to research security gaps in GraphQL implementationsβ350Jul 1, 2025Updated 7 months ago
- Obtain GraphQL API schema even if the introspection is disabledβ1,387Dec 5, 2025Updated 2 months ago
- A cheat sheet that contains advanced queries for SQL Injection of all types.β3,143May 13, 2023Updated 2 years ago
- User-Agent , X-Forwarded-For and Referer SQLI Fuzzerβ382May 19, 2023Updated 2 years ago
- A python script that finds endpoints in JavaScript filesβ4,286Apr 13, 2024Updated last year
- API Security Project aims to present unique attack & defense methods in API Security fieldβ1,430Mar 5, 2024Updated last year
- 403/401 Bypass Methods + Bash Automation + Your Support ;)β1,573Jun 6, 2022Updated 3 years ago
- Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokensβ¦β5,208Jan 31, 2026Updated 3 weeks ago